21 matches found
virt:kvm_utils2 security update
hivex libguestfs libguestfs-winsupport 8.6-1 - Rebase to ntfs-3g 2021.8.22 - Fixes: CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289, CVE-2021-35266, CVE-2021-35267, CVE-2021-35268, CVE-2021-35269, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253, CVE-2021-39254 resolves: rhbz2004490...
SUSE CVE-2021-33285
In NTFS-3G versions 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfsgetattributevalue, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by...
virt:ol and virt-devel:ol security, bug fix, and enhancement update
hivex 1.3.18-23 - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 1.3.18-22.el8 - Resolves: bz2000225 Rebase virt:rhel module:stream based on AV-8.6 libguestfs 1.44.0-5.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug:...
ALSA-2022:1759 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
An update is available for libguestfs, libnbd, libtpms, libguestfs-winsupport, nbdkit, supermin, libiscsi, hivex, libvirt, netcf, perl-Sys-Virt, seabios, qemu-kvm, swtpm, virt-v2v, sgabios, libvirt-dbus, libvirt-python. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS...
CVE-2021-33285 affecting package ntfs-3g for versions less than 2021.8.22-1
CVE-2021-33285 affecting package ntfs-3g for versions less than 2021.8.22-1. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for ntfs-3g (EulerOS-SA-2021-2807)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : ntfs-3g (EulerOS-SA-2021-2807)
According to the versions of the ntfs-3g packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In NTFS-3G versions 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfsgetattributevalue, a heap buffer overflo...
Debian DLA-2819-1 : ntfs-3g - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2819 advisory. - In NTFS-3G versions 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfsgetattributevalue, a heap buffer overflow can occur allowi...
[SECURITY] [DLA 2819-1] ntfs-3g security update
Debian LTS Advisory DLA-2819-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany November 16, 2021 https://wiki.debian.org/LTS Package : ntfs-3g Version : 1:2016.2.22AR.1+dfsg-1+deb9u2 CVE ID : CVE-2021-33285 CVE-2021-33286 CVE-2021-33287 CVE-2021-33289 CVE-2021-352...
RHEL 8 : virt:av and virt-devel:av (RHSA-2021:3703)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3703 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Re...
RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2021:3704)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3704 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Re...
Debian: Security Advisory (DSA-4971-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security fix for the ALT Linux 9 package ntfs-3g version 2:2021.8.22-alt1
2:2021.8.22-alt1 built Sept. 10, 2021 Valery Inozemtsev in task 284295 Aug. 31, 2021 Valery Inozemtsev - 2021.8.22 Fixes: CVE-2021-33285, CVE-2021-35269, CVE-2021-35268, CVE-2021-33289, CVE-2021-33286, CVE-2021-35266, CVE-2021-33287, CVE-2021-35267, CVE-2021-39251, CVE-2021-39252, CVE-2021-39253,...
openSUSE 15 Security Update : ntfs-3g_ntfsprogs (openSUSE-SU-2021:1244-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1244-1 advisory. - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with...
[SECURITY] [DSA 4971-1] ntfs-3g security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4971-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 09, 2021 https://www.debian.org/security/faq -...
openSUSE: Security Advisory for ntfs-3g_ntfsprogs (openSUSE-SU-2021:2971-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : ntfs-3g_ntfsprogs (SUSE-SU-2021:2971-1)
The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2971-1 advisory. Update to version 2021.8.22 bsc1189720: Fixed compile error when building with libfuse vs...
CVE-2021-33285
In NTFS-3G versions 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfsgetattributevalue, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by...
CVE-2021-33285
NTFS-3G vulnerability (CVE-2021-33285) affects versions before 2021.8.22. A crafted NTFS attribute input to ntfs_get_attribute_value can trigger an out-of-bounds heap access due to a missing consistency check after reading an MFT record; if bytes_in_use is not less than bytes_allocated, parsing c...